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REMARKS 

The I ^ aniiiitrt has ob e^tod t > - ^ \' or " u n „ to pio\ ide piopei 
antecedent basis {ot the i laimjj suhje>-t mwm \k>u sp>,ciJkalb t!K I xamuKi has 
^iL'ULd that tio\sheie in the; spet. akaiion is a tangible amtpiitei leatiahic Tucdium 
described 'Vpphcant respectful^ disagrees and points out that Page is, hnei« \ -2. ot the 
specificatioTi disclose a '"Random Access Memory tRAM)" and a "'Read OmIv Memor\'^ 
(ROM)." Both RAM and ROM are tangible computer readable mediums, aiid as a result 
the specification provides adequate atitecedent basis for the ciaimed subject matter. Of 
course, the foregoing citations are set forth for iliustrative purposes only, and should not 
be construed as liniititig in any manner. 

The ExaiTiiner has rejected Claims 1,12, 23, 28, and 29 under 35 U.S.C. 112, first 
paragraph, as failing to comply witii the written description requirement. More 
specifically, the Examiner has argued that '[H]owhere in the specitlcation is a "tangible 
computer readable medium" described." Again, applicant respectfully disagrees and 
poitUs out that Page 8, lines 1-2 of the specification disclose a "Random Access Memoty 
(RAM)" and a "Read Only Memow (ROM)." Both RAM and ROM are tangible 
computer readable medimns, and as a resuh tlie above claims all comply with the written 
description requirement. Of com-se, the foregoing citations are set forth for illustrative 
piuposes only, and should not be construed as limiting in any manner. 

The Examiner has rejected Claims 1 -5, 7, 1 2-16. 18, 2.3, 29, and 34-37 under 35 
■y.S.C. 103(a) as being unpatentable over ConSeai PC FIREWALL Technical Summary 
(hereinafter ConSeal), in view of Hari et al (Detecting and resolving packet filter 
conflicts), in view of Coss et al. (U.S. Patent No. 6,098,172), further in view of Chan et 
al (U.S. Patent No. 6,910,028), and ftirther in view of Jacobson (U.S. Patent No. 
6,735,701). In addition, the Examiner has rejected Claim 28 under 35 U.S.C. 103(a) as 
being unpatentable over CoaSeal, in view of Hari, in view of Coss, in view of Chan, and 
in further view of Horvite et al. (U.S. Patent Application No. 2003/0046421). Applicant 
respectfully disagrees witli such rejections, especially in view of the amendments made 
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hereiaabove to the indepe»dettt claims. Specificaily, applicant bas amended some of (lie 
independent claims to at least substantialiy include the subject matter of fbrraer 
dependent Claims 2 and 3 et al. 

To esiablish •A prima facie case of obviousness, three basic criteria m ust be met . 
First, tiiere must be some suggestion or motivation, either in the references themselves or 
in the knowledge generally available to one of ordinary skill in the art, to modify the 
reference or to combine reference teachings. Second, there must be a reasonable 
expectation of success. Finally, the prior art reference (or references when combined) 
must teach or suggest all the claim limitations. The teaching or suggestion to make the 
claimed combination and the reasonable expectation of success must both be found in the 
prior art and not based on applicant's disclosure. In re Vaeck, 947 F.2d 488, 20 ljSPQ2d 
1438 (Fed.Cir. 1991). 

With respect to the first element of the prima facie case of obviousness and, in 
particular, the obviousness of combining the aforementioned references, the Examiner 
has argued that "it would have been obvious. . . to use Hari et al's priorities. . . [and] 
conflict resolution. . . in the firewall system of C'on.Seal," and that the "[mjodvation to do 
so would have been to avoid matching multiple filters with confliction actions (see Hari 
et al page 1204 section 0." To the contrary, applicant respectfully asserts that it would 
not have been obvious to combine the teachings of the Hari and ConSeal references, 
especially in view of the vast evidence to the contrary. 

The mere fact that reftneiKes can be combined or niodified does not render liu' 
resultant combination obvious unless the prior art also suggests the desirability of the 
combination. In re Mills, 916 F.2d 680, 16 USPQ2d 1430 (Fed. Cir. 1990). Although a 
prior art device "may be capable of being modified to run the way the apparatus is 
claimed, there must be a suggestion or motivation in the reference to do so," 916 F,2d at 
682, 16USPQ2datl432.). 
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SpecjfjcalK, applicant respectlully disagiees \\ ith the \ argument that 

"Jt would have been obvious. . .to use Marj et al's pi jorjties, . .fand] conflict resohiuon in 
ihe tlievval! -,>\(em ut ( onSeai ?o ■> v> i\ ^ l i sj i ni ^ V f heis ^\ uh 
conflfctioo action^ fas tauglu m H.\ui f-n-t uiv. po Mhic solauon^ tclKci on In tbv 
1 \ itnmei joiato to a sauaiuMi tliete k "a contltct since the paclets tfjL J<n\ 

match boUi I- , and {where and hjaie diffeient filtess] (page $204 ught cokmin). 
I hus, Han teaches possible soluttons once it is determined that a packet flow matches 
multiple filters, aiid does not disciose "avoid[mg] matching multiple filters with 
confliction actions" (eirtphasis added), as the Exaniiiier notes. 

In addition, applicant respectfully points out that the ilari reference relied on by 
the Examiner e.Kpressly discJoses thai the "iraplicii conflict resobtfior? .■nchemes, [which 
include the fjher prioritization noted by the Examiner^ while simple to inaplement, 
[acluallyj suffer from some serious drawbacks " such as ^' arbitrariness on the conflict 
resolution" and "inflexiMlity in filter matching"(Page 1 204, Section 11 - emphasis 
added). Additionally, the Hari reference states that '' mjtch.implicit.conflict res^^ 
schetBes do rtot work in the general case" (Page 1 204, Section 0 •••• emphasis added). As 
a resiiU, the Hari reference discloses a solution involving using "resolve filters for each 
pair of conflicting fiiters" (see page 1205, right cohnnn), and not filter prioritization, as 
noted by the Examiiter. Thus, applicant respectfuUy asserts that it would not have been 
obvious to combine a priori tiisation technique tliat "do[es] not work in the general case," 
as taught in Hari, with that taught by ConSeal, and therefore no suggestion or motivation 
exists to combine such references. 

In the Ot^ke Action mailed 03/26/2007, the Examiner has argued that "Hari 
teaches methods of resolving conflicts (with its own benefits) using methods a), b), and c) 
and further states that these methods are simple to implement" and has fuither stated that 
"[tjherefofe, Hari has some teaching, suggestion, or motivation to use tlie method 
described." 
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Applicant respectfullv disagrees and again notes that Han discloses tliat tlie 
' impticU conflict resolution schemes do not work m the general case'" (Page 1204, 
^ecuon 1! emphasis adJt;t.i) anc' '1 a" "i-- ^ i^sb . tk i i eteitJULe di>t„iu-,es <t solution 
un ol\ um fisinu fe^oj\c filtJts ior cav.ii j\i i . tonfKi tilioj'^ (sco pa^j 120^ u^'ht 
Lokitjui) ai)d nol }'i!tei pi jonij Action as rehed on b\ ihe i \aninier ibeieioie lian's 
disclosiue that imphcit conflict lesolutson schemes do not work m the g;,neral case, m 
fact leaches awav from the use of the aforenKntiotied pnontixatioti technique with that 
taught by ConSeaL It is improper to combine references where the references teach away 
from their combraation. In re GrasseUh 713 F.2d 73 i, 743, 218 USPQ 769, 779 (Fed. 
Cir. 1983). 

More tmportaiitJy, applicant respectfiilly asserts that the third element of the 
prima facte case of obviousness has also not been tuet by the prior art reference reiied on 
by tlie Examiner. For example, witii respect to tlie independent claims, the Examiner has 
reiied on page 1 204, section 11 from the Hari leferencej excerpted in part below, to make 
a prior art showing of applicant's claimed technique "wherein a first policy with a higher 
ptiority lias a first condition associated tiierewith that is different frotn a second condition 
associated with a second policy with a lower priority such that the first policy and second 
policy are activated under different priority-related conditions" and "identifying currently 
executed security actions, determining whether a conflict exists between the currently 
executed security actions, and resolving any conflicts between tlie currently executed 
security' actions" (see this or similar, but not necessarily identical language in the 
independent claims). 

1 > - " n..tc S~in;^ f-lr<=>i 1. ti-'-e, -tat-- o^^f' 

dd^.i t, <■>, •£ <v> qoeh. Xi •-ctJr^^ at A," t»*icps>. Or the oihs-'- 

narid, .3.;: F-.. ;i.s stored »etore F; , tftasi siost at the pacKsts at the 

Mfops. Tnis approacn is commonly lisea t.o resolve conflicT^s m 
f rc^cJvl"?, <j>3ei<^ -^ao^xnci p- c ..ot ^ i <? -ra^'rcd aq-i r f' t< ■"s 

trse i:ir.'5t ma'ichxncj s: liter. 

Assign priorxtias zo airteresTice niters, ana use the rnatching 
f-lfcr -"h- h-gi'-^'-t pticiity. r*!-,:: ^c. cr-^ turn's t to r--- 
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} AssiOT pi-ioiit c ^ ,o f elds -5; tlo'- .-i <:>.,{>t» >£ -fiXJl- tp c 
iniat:caes the tiltar the saost speciiLC ■na5:cti:i.ng -iieid wxth tn« 

■t:.^,T>est \,zxo::-^ty z,s> selected. exartsplis, it th*; soj'x,'c «ddxisi?^ 

IS give-. l~icfncr piiority on ratches i-har. tho acstira^rio-i addr<^«is, 
ther ior k'lh iro-ti netvi,'cr\ X to rei>^~o:k \ mi* iilt ei r 

IS a hctter rritcb -i^>-ir )r-." (M^e-, pai, ^^OJ, -oc i.>-i "t - 
ertsphasis added) 

Applicant respectfuOy asserts that the exceipt from Ban relied upon by the 
Examiner teaches a method of conflict resolution where one filter is selected over otlier 
potential filters. Specifically, for conflict resohition, tlie Hari excerpt referenced above 
teaches three conflict resolution techniques. The first conflict resolution teclmique 
disclosed teaches that "[t]he first matching filter in the filter database takes precedence " 
(emphasis added). The second conflict resolution technique disclosed teaches to 
"[tijs^iign priorities to dif&'rence filters, and use .tlM.mafching fi^^^^^ 
priority " (emphasis added). The third conflict resolution technique disclosed teaches to 
"[a jssign priorities to fields so that in case of multiple matches the filter with the most 
specific HBtcM^ ^ (emphasis added). 

Thus, the excerpt from Hari refererxced above actvtaily leaches away from 
applicant's claimed technique "wherein a first policy with a higher priority has a first 
condition associated therewith that is different from a second coTidition associated with a 
second policy with a lower priority such that the first poHcy and second policy aie 
activated under different priority-related conditions " (emphasis added), since Hari 
teaches that a selection of the filters is based on the same priority-related condition 
[namely, condition a), b), or c) in the above excerpt]. Note that f-lari does not teach that a 
first filter is selected based on teclinique a) while a second filter is selected based on 
technique b), etc. 

in the Office Action mailed 10./12./2006, the Examiner has argued that '\vhen a 
conflict aiises the filter witlt the highest priority is selected and v/hen only a single filter 
matches, i.e. no conflict, tliat filter is activated because it has the highest (an[dj only 
priority) which is a second priority related activation of a policy different than the first." 
Applicant respectfully disagrees. Specifically, applicant claims that 'Mie first policy and 
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second policy are activated midei different pnority-reiated condttuws" {emphasis added), 
which is ntrt met by a teaching that one policy is activated when there is no policy 
conHict and v^nothei pohcy is aLinared tl-L-L- s ^ d rojcv vOrHict as (he Kxafniuer 
notes SnnpK nouheie in the excoipt in \ \<ii: lened on h\ the I xanujiei is theic any 
Siiggcsiion that ""a hisl pohcy wuh a higher piioiiiy lias a first condiunn a-^socitited 
therewith that is different from a second coadition associated with a second policy with a 
lower priority such that fee fjrstp.olk3r..aM sMO^^^ 

priority-related conditions " (emphasis added), as applicant specifically claims. 

Also in the Office Action mailed 10/{2./2006, appiicant notes that the Examiner 
has simply reiterated tiie argument stated in tire Office Action mailed 05/05/2006, namely 
that "the piiority based system of Bari teaches that each filter {i.e. pohcy) has a different 
priority and when a packet matches more than one filter, which ever filter has a higher 
priority is used." Again, applicant respectfully asserts tiiat Hari teaches, during conflict 
resolution, either selecting the first matching filter, the matching illter with the highest 
priority, or the filter with the most specific matching field with the highest prioThy. 
Again, appiicant respectfuliy disagrees with the Examiner's rejection, since Hari teaches 
that a selection of the tlUers is based on the same priority -related condition [najinely, 
condition a), b), or c) in the above excerpt]. Again, only applicant teaches and claims a 
technique "wherein . . . the first policy and second policy are activated under different 
prioritv-reiated conditions" (eittphasis added), as claimed. 

In the Office Action mailed 03/26/2007, tlie Examiner has argued that "Had 
disc lo:>cs the use of pi loiUf OS 't. c . o.rK N i ic !<i-- .--^.o-u' *hc example 
befoie the descnptjons of a), b), and c) on page 1204" of ilars by creatnig a theoretical 
scenario and has alleged that ^'whenever traffic comes to the filter jfrom the network 
(128.1 12.*) destined for tlie network (128.122.*) tiiere is a conflict between ail three 
filters^ [and] since Fj has the highest priority it will be chosen." The Examiner has 
fimlier stated that 'ttjherefore, is chosen under a first priority-related condition." 
Additionally, the Examiner has stated that in "a conflict between F2 and Fi, . . since Fj has 
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a higher priority it will be chosen" and that "[tjherefofe Fj is chosen under [a] second 
priority-rebted condition." 

A}ipl!cani iLsptxttidh af^aLi>.v^ and ponus <m\ nui ilie aboxe ihctuctKa! v.'\an)ple 
hibik UlJ md R'hed on h\ the f \.UTuner meieh implements one of ihe ibtee possible 
solutjof\s' presided on page 1204 of Han More specitkalh by stating titat 1 1 is chosen 
m a conflict ''since Fj has the highest pnonty," the Examiner has ttierely demonstrated 
the implementation of solution b) in Hari, which "[a]ssign[s] priorities to different filters, 
and use[s'J the matching filter with the highest priority." ilowever, applicant again asserts 
that Hari merely describes three 'possible solutions;'' for "a conllict [when] the packets of 
the flow tniitcb both P; and F:."' whtcli does noi even suggi/sf, and in fact leaches away 
from, ;i rechnique ^wherein a first poiicy with a higher priority has a first condition 
associated therewith that is different from a second condition associated with a second 
poiicy with a lower priority snch that the first policy and second poHcv are activated 
under different priority-related conditions" (emphasis added), as claimed by applicant. 
C^learly, the disclosure of using the matching filter with the highest priority, as in Fiari, 
simply tails to even suggest a technique "wherein . . . the first policy and second policy 
are activated tinder different prioriiv-rekted conditions ^ (emphasis added), as 
claimed. 

In addition, witli respect to die independent claims, the Exantiner has relied on 
Col. 7, line 60 - Col. 8, line 33 from Chan to make a prior art showing of applicant's 
claimed teclinique "wherein the conditions include a source of the policies" (see this or 
similar, but not necessarily identical language in the independent claims). 

Applicant respectMly asserts that tlie exceipt relied upon by the Examiner merely 
teaches "[a] merge policy [which] i-epi-esents priorities and/or muttiai-exclusions" (Col. 7, 
lines 61-62), In addition, the excerpt teaches that "tlte merge policy may specify that the 
relative priority of rules is based on relatiye aiithoritv level of the originating source 
a pplication of tliose rules" (Col. 8, lines 2-4 - emphasis added). However, the excerpt 
fails to disclose a teehnicpe 'Svherein die conditions include a som ce M. the policies " 
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(emphasis added), as claimed by appiicant. Merely disclosing that the policy itself 
specifies a relative priority of rules, as ia Chan, fails to suggest "conditions [tliat] include 
a source of the poiicies " (einphasis added), in tlie context claimed by appiicatvt. 

In the OfFice Action mailed 03/26/2007, the Bxamitier has iMgued that "Chen 
speciftcaiiy teaches that the priori ty is based on i3ie authorit}" level of the origitiating 
source application" and that "[tjherefore, the policies have a priority and this priority is 
based on the sotifce appHcatioa." Further, the Examiner has asserted tliat "the conditioas 
are the priority." 

Applicant Ecspocuu!l\ dis.^gtces and again punits out that Chen mctoK toadies 
that ihat the pohc\ useif mas specilX a leiatnepuoutx ot luits based on the autbontv 
level of the soivrce of the rules. If the conditions are the priority, as assened by the 
Examiner, then, in Chen, the poUcy specifies tlie conditions (relative priority) of rules aie 
based on the soiyxe^apgiicMion of those rules, which does not even suggest "conditions 
[that] include a source of the poiicies"' (emphasis added), as claimed by applicant 
Clearly, specif>-ing the conditions of the rules based on the source application of the 
rules, as in Chen, simply fails to even suggest that '"the conditions inchide oource^of the 
policies" (emphasis added), as claimed by applicant. 

Furtlieiv witli respect to the independent claims, tlie Examiner has relied on Col. 
18, lines 15-30 from Jacobsoa to make a prior art showing of applicant's claimed 
technique "wherein the conditions include a severity of security actions associated with 
the poiicies" (see tltis or similar, but not necessarily identical language in the independent 

claims). 

Applicant respectfully points out that the excerpt from Jacobson allied on by the 
Examiner merely teaches that "[ejach cotnpliance action in the group is assigned a value" 
and tliat "[t]he numeric value assigned is based on the severity of the network policy 
compliaiice yiolation . i.e. the difference betv^'een tiie network policy compliance value 
and the user policy compliance value" (Col, 18, lines 15-21 - emphasis added). However, 
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merely assigamg a value to a compliance action based on the severity of the compiiance 
Yiolation - as in Jacobsoii, fails to teach a techniqiie 'Svherein the conditions include a 
severity of security actioTis associated with the policies" (emphasis added), as claimed by 
applicant. Clearly, a value that is the difference between the network policy compliance 
value and die group use!" policy compliance vahte, as in Jacobsoii, simply fails to even 
suggest "a severity of securit>'- actiotis associated with the policies" (emphasis added), in 
the mamier as claimed by applicant. 

With respect to independent Claim 28^ the Examiner has relied on paragraph 

[01 1 7] in Hor\itz to make a prior ait showing of applicant's claimed technique "'wherein 
the conditions represent an urgency associated with an issue causing tlie policy to be 
activated." 

Applicant respectfully asserts that the excerpt in l lorvitz relied on by the 
Examiner merely discloses that "[c]lass!fication as used herein also is inclusive of 
staliaticai regression tha t is utilized to develop models of urgency or other measnres of 
priority influencing an alerting and/or routing policy." .Applicant respectfully points out 
that the alerting and/or roudng policy disclosed in Horvitz only relates to "priorities tor 
messages represented electronicaHy" where such "priority of an electronic message can 
be classified" (paragraph [01 1 6]). Thus, the urgency disclosed in Horvitz is associated 
with the messa ge, and therefore does not even suggest that ^ths conditions represent an 
urgency associated v^fith an issue causing the policy to be activated" (emphasis added), as 
claimed. 

In tlie OtTice Action mailed 03/26/2007, the Examiner has argued that "I iorvitz 
teaches using urgency for a measm-e of priority for influencing an alerting and/or routing 
poiic>'" and that "therefore when combined as given above the alerts to activate a policy 
based on an issue given by ConSea! now have an tirgency related to them." 

Applicant respectfully disagrees and again asserts that Horvitz merely teaches 
"models of urgency or other measMes of priority infl uencing an alerting and'or routing 
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poiicy" (paragraph [01 1 7]) where tire priority is "a priority for electn)tvic files such as an 
e-mail" (paragraph [0116]). Therefore, the m gency taught in Horvitz is associated with 

the electronic message ., and therefore does not even suggest that 'ihe conditions represent 
mx urgency associated with mi issue causittg the poiicy to be activated " (emphasis added), 
as claimed. 

Applicant respectftiUy asserts that at least the first and third elemettt of the prima 
facie case of ob viousness have not been met, since it would be unobvious to combine the 
ConSeal and Man references, as noted above, and the prior art references, as relied upon 

by the Examiner, fail to teach or suggest all of the claim limitations, as also noted above. 
Nevertheless, despite such paramount deficiencies and in the spirit of expediting the 
prosecutioo of the preseiU application, applicant has incorporated the subject matter of 
former dependent Claims 2 and 3 et al. into some of the independent claims. 

With respect to the subject matter of former Claims 2 and 3 et al. (now at least 
substantially incorporated into some of the independent ciaims), the Examiner has relied 
on Page 2 of the C^onSeal reference, as e,\cen)ted below in pan, to make a prior art 
showing of applicant's claimed "determining whether a user confmns the activation of 
tlie policies" (Claim 2 et ai.) and "activating the policies if the user confirms" (Claim 3 et 
al.). 

"ConSsal PC firewall's learning jitiodes allow rules and rulesets to 
be generated efficiently and stj:aightf orwardly , The Marjual 
Learning Mode allows users to add, «dit and delete their rifles 
and tweak them according to addre.^s, service typs &nd so an. The 
Checked X.garni5ig Mode proinpts tha us^.y. for rxile ger-escatiors v;hen 
it_^vco}ante£s_a^^^^ The Unchecked 

Learning Mode ailovjs users to generate rules in the background by 
performing their norKsal networking activities over a trial 
period." (CanSeal, Paae 2 ~ ernpiiasls added) 

Applicant respectfully asserts that the excerpt ftom ConSeal relied upon by the 
Examiner merely teaches a technique where the "Checked Learning Mode prompts the 
nser for rule generatioii when it enconnters a packet for which it has no rule" (emphasis 
added). However, the excerpt fails to disclose "detennining whether a user confirms the 
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activation of tlie policies" (emphasis added) or "activating the pQltcies if the user 
cojifimis" (emphasis added), as claimed by appiicant 

ill the Office Action mailed 10/12/2006, the Examiner has argued that "when a 
rule in ConSeal has not been used before and the sysiein is in Qiecked [.earning Mode, 
the user is prompted to make a rule for the packet (i.e. allow or disallow) thereby cfeating 
two inactive policies (one to allow the packet and one to disallow the packet)" and 
"[tjherefore when the user selects an action the user is activating one of tlie previous 
inactive rules." 

Applicant respectfully disagrees. Simply nowhere in the excerjjt relied on by the 
Examiner is there any disclosure that "when the user selects an action the user is 
activating one of the previous inactive ndes," as the Examiner notes, in fact, applicant 
points out that ConSeal actually teaches that "[t\he system manages mlesets 
activation. . .behind the scenes" (see page 1 ), which clearly teaches away from 
"determining whether a user confirms the activation of the policies" (emphasis added) or 
" activating the policies if die user confinns" (emphasis added), as claimed by applicant. 

In addition, applicant respectfully assens tliat ConSeal merely discloses that 
"Checked Learning Mode prompts the user for rule generation when it encounters a 
packet for which it has no rule" (emphasis added). Clearly, prompting a user for rale 
generation when no rule exists, as in ConSeal, fails to even suggest "determining whether 
a user con linns the activation of the policies" (emphasis added) and "activating the 
policies if the user confirms " (emphasis added ), as claimed by applicant. AppHcant 
respectfully asserts that ConSears prompt for "mle generation" for a packet which has no 
rule simply fails to teach "determinitig whetlier a user confirms tlie activation of the 
policies" (emphasis added) or " actiyMm g the pd^^ if the user confirms" (emphasis 
added), as claimed by applicant. Clearly, rule generation, as in ConSeal, fails to meet 
"activating the policies^" in the manner as claimed by applicant. 
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In the Office Action mailed 03/26/2007, die Bxaminer has aigned that "when 
ConSea! is in the Checked Leaniing Mode and a packet aiTives with no poiicy ConSeal 

creates two inactive policies (allow or block) and pT'esents the user with these two 
options," The Examiaer has further argued ttiat "when the user selects one of these 
options the user confirms the activation of the policy." 

Applicant lespectftiUy disagrees and notes that simply nowhere in Page 2 of the 
ConSeal reference, as relied on by tlie Examiner, is tiiere any disclosure of "creat[ing] 
two inactive policies (allow or block) and present[ing] the iiser with these two options" in 
"Checked Learning Mode." 1 he excerpt relied on by the Bxaminer merely discloses that 
"[t]he Checked Learning Mode prompts the user for rule generation when it encounters a 
packet for which it has no rule" { Page 2 - emphasis added). Again, merely prompting a 
user for rale generation, as in ConSea!, does not disclose "determining whetlier a user 
confirms tiie activation of the poHcies" (emphasis added) or "activating the policies if the 
user confirms" (emphasis added), as claimed by applicant. 

Additionally, in the Office .Action mailed 03/26/2007, the Examiner has argued 
that ConSeal "nianag[ing] the ade sets behind the scenes.. . is in a different mode than 
tliat of the Checked Learning Mode and therefore has no relevance." Applicant 
respectftdly disagrees and asserts that ConSeal discloses "[mJaniiaL atitomatic, checked 
and unchecked learning modes," in addition to "[ejnvironment sensitive rulesets" where 
"[t|he system manages mlesets activation and conflict behind the scenes" (Page 1, 
ConSeal PC FIREWA,11, Technical Informaiion). Therefore, C'onSeal's teaching of 
different learning modes , in addition to the systetn managing mlesets a.cti.vation behind 
the scenes simply leaches away from "determining whether a nser confirms the activation 
of the policies" (emphasis added) or " activating the policies if tlie user confirms" 
(emphasis added), as claimed by applicant Clearly, the system managing mlesets 
activation, as in ConSeal, fails to even suggest that "a user confirms the activation " 
(emphasis added), or ' "activating the policies if the user confirms " (emphasis added), in 
the manner as claimed by applicant. 
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Thm, a notice of aliowance or a proper prior ai t showing of aU of applicant's 
claim limitations, in combiiiation with the remaining claim eiements, is respecttnUy 

requested. While some instances of previous versions of the claim iangnage have been 
cited above, note should be taken of the clarifications made hereinabove to the claims. 

Applicant further notes that the prior art is also deficient with respect to the 
dependent claims. For exan^ple, with respect to Claim 34, the Examiner has relied on the 
bottom of Page 1 to the top of Page 2 of the ConSea] reference to nmke a prior art 
showing of applicant's claimed technique "wherein the associated conditions of the 

policies dictate the manner in which the active policies are to be deactivated." Apphcant 
notes that the Examiner has cited the "bottom of page I to the top of page 2" without 
citing a specific reference, which applicant interprets as the bottom of Page 1 to the top of 
Page 2 of tiie ConSeai reference. 

Applicant respectful ly tK^tes that the excerpt relied on by the Examiner merely 
teaches "activat[ing] ruiesets only for specrfic applications" (Page 1), as well as 
"[p]rotect[ing| access torulesets... develop[ing| ruiesets;' in addition to allowing "users 
to add, edit and delete their rules and tweak them according to address, service type, and 
so on" (Page 2). However, merely activating , protecting, and developing rulesets, in 
addition to allowing users to add, edit, delete, and tweak rules, as in ConSeal, does not 
teach a technique "wherein the associated conditions of the policies dictate the manner in 
which the active policies are to be deactivated" (emphasis added), as claimed by 
applicatit. 

Additionally, with respect to Claim 3 7, the Examiner has rehed on tJie bottom of 
Page 1 to the top of Page 2 of the ConSeal reference to make a prior art showing of 
applicant's claimed technique "wherein an indication of the determination whether the 
de-activated policy is to be reused or discarded is stored with the associated condition/' 
Applicant notes that the Examiner has cited the "bottom of page 1 to the top of page 2" 
without citing a specific reference, which applicant interprets as tbe bottom of Page 1 to 
the top of Page 2 of the ConSeal reference. 
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Appiicam agam respecifuUv notes that the excerpt reljed on bv the Examiner 
merely disclose'? actisatfmy] luiesefs onK foi *l tu i I c iUor- tPi^c; ] ) as v^eO as 
'fplrotoct[nig] ac4,ess to luloscts dc\c}op|mgi ailcsets m aildition to aUon n\css 
to add edit and delete then ades and tweal ihem accoidmif lo addi^ss sen Jt.e t^p^ <jad 
soon' {Page 2} Howe\er mereh actuating . piotectmg , and de\elopuig iui<.:»eis, m 
addition to allowing users to add, edit, delete, and tweak rules, as in ConSeal, does not 
teach a technique "wherein an indication of tlie detennmation whether tire de-activated 
policy is to be reused or discarded is stored with the associated cotidition " (emphasis 
added), as claimed by applicant. 

Again, applicant respectfully asserts that at ieast the third elemetit oF\hs prima 
facie case of obviousness has not been met, since the prior ait references, as relied upon 
by tiie Exanuner, fail to teach or suggest a|i of tiie claim limitations, as noted above. 
Thus, a notice of allowance or specific prior art showing of each of the foregoing claim 
elements, in combination with the remaining claimed features, is respectfully requested, 

Still yet, applicant brings to the Examiner's attention the subject matter of new 
Claims 38-39 below, which are added for full consideration: 

"wherein the conditions are based on tlte detection of a predetennined 
amount of files of a certain type" (see Claim 38); and 

"wherein the conditions are based on whether a virus signature update is 

current" (see Claim 39), 

Thus, all of the independent claims are deemed allowable. Moreover, the 
renmtning dependent claims are further deemed allowable, in view of tlieir dependence 
on such independent claims. 



- 24 - 



In the event a telephone conversation would expedite the prosecution of this 
application, the Examiner may reach the undersigned at (408) 505-5100, The 

C'ommissioiter is authorized to charge any additiorsal fees or credit any overpayment to 
Deposit Account No, 50-1351 (Order No.N Ail P048/0i, 183.01), 



P.O. Box 72 n 20 

San Jose. CA 95 172-1120 

408-505-5100 



RespectMiy submitted, 
Zilka-Kotab, PC. 

/KEVINZILKA/ 

Kevin J. Zilka 
Registration No. 41,429 



